Section:  .. / 0412-exploits  /


 ///  File Name: hijack_apache-0.1a.tar.gz
Description:
A year after the flaw's discovery, this tool has been released to hijack HTTP connections under Apache and Apache2 with mod_php.
Author:EmirAga
Homepage:http://projects.emiraga.com/
File Size:244758
Last Modified:Dec 31 20:05:30 2004
MD5 Checksum:8ee6c5e434322cab0a08624aa930a887

 ///  File Name: MSXPSP2-ieEXP.txt
Description:
Internet Explorer HTML Help Control Local Zone bypass exploit that can be used against Microsoft Windows XP versions SP2 and below.
Author:Michael Evanchik, Paul from Greyhats, http-equiv
Homepage:http://www.michaelevanchik.com
File Size:28646
Last Modified:Jan 1 03:39:57 2005
MD5 Checksum:5aabc81cc7ff559369ba72b039815c3a

 ///  File Name: phpbbmemorydump.cpp
Description:
phpBB 2.x with PHP <= 4.3.9 remote unserialize() exploit, written in C++. More information available here.
Author:Overdose
File Size:21905
Last Modified:Dec 20 06:47:59 2004
MD5 Checksum:56830aa54ca1057db8801240d287900e

 ///  File Name: msnXSS.txt
Description:
A whole slew of cross site scripting flaws have been discovered and are listed here.
Author:Jamie Fisher
File Size:19794
Last Modified:Dec 12 19:33:02 2004
MD5 Checksum:bdde296e55534bed7cacfd8464b7b495

 ///  File Name: HOD-ms04031-netdde-expl.c
Description:
Remote proof of concept exploit for the NetDDE buffer overflow vulnerability as described in MS04-031. Tested on: Windows XP Professional SP0, Windows XP Professional SP1, Windows 2000 Professional SP2, Windows 2000 Professional SP3, Windows 2000 Professional SP4, Windows 2000 Advanced Server SP4.
Author:houseofdabus
File Size:19637
Last Modified:Jan 2 21:35:26 2005
MD5 Checksum:d8d4090c728f4295d8bb51908e941671

 ///  File Name: crystalPoC.c
Description:
Crystal FTP Pro version 2.8 proof of concept exploit that makes use of a flaw in the LIST command.
Author:cybertronic
Related File:crystalftp.txt
File Size:16647
Last Modified:Dec 31 21:56:35 2004
MD5 Checksum:384ea878b20d258c64dacd1a2c438f5d

 ///  File Name: netcat-exp.txt
Description:
A buffer overflow in netcat can allow for remote compromise. Full exploit provided.
Author:class101
File Size:15514
Last Modified:Jan 2 20:13:29 2005
MD5 Checksum:a2b6b784698e602e8fb3cea8f8d99e58

 ///  File Name: raptor_passwd.c
Description:
Local root exploit for a vulnerability in the passwd circ() function under Solaris/SPARC 8/9. This exploit uses the ret-into-ld.so technique, to effectively bypass the non-executable stack protection (noexec_user_stack=1 in /etc/system).
Author:Marco Ivaldi
Homepage:http://www.0xdeadbeef.info
File Size:13960
Related CVE(s):CAN-2004-0360
Last Modified:Dec 31 21:38:36 2004
MD5 Checksum:9d4de237075ceb5ffa390f845ff73748

 ///  File Name: raptor_rlogin.c
Description:
Remote root exploit for rlogin on Solaris/SPARC 2.5.1/2.6/7/8. This remote root exploit uses the (old) System V based /bin/login vulnerability via the rlogin attack vector, returning into the .bss section to effectively bypass the non-executable stack protection (noexec_user_stack=1 in /etc/system).
Author:Marco Ivaldi
Homepage:http://www.0xdeadbeef.info/
File Size:12532
Related CVE(s):CVE-2001-0797
Last Modified:Dec 31 21:40:48 2004
MD5 Checksum:e6308246578fe5d9eb5dcd19eee0b260

 ///  File Name: kreedexec.zip
Description:
Remote exploit for Kreed versions 1.05 and below, which suffer from format string, denial of service, and server freeze flaws.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:kreedexec.txt
File Size:11451
Last Modified:Dec 12 01:23:53 2004
MD5 Checksum:b975e09fcf4c5ed1de4d0811c9d44aaa

 ///  File Name: isec-0018-igmp.txt
Description:
Multiple bugs, both locally and remotely exploitable, have been found in the Linux IGMP networking module and the corresponding user API. Full exploit provided. Linux kernels 2.4 up to and including 2.4.28 and 2.6 up to and including 2.6.9 are affected.
Author:Paul Starzetz
Homepage:http://isec.pl/vulnerabilities/isec-0018-igmp.txt
File Size:9640
Related CVE(s):CAN-2004-1137
Last Modified:Dec 30 08:22:34 2004
MD5 Checksum:b7cd630515de8672732c1abcbf16e912

 ///  File Name: raptor_libdthelp2.c
Description:
Local root exploit for a buffer overflow in CDE libDtHelp library that allows local users to execute arbitrary code via a modified DTHELPUSERSEARCHPATH environment variable and the Help feature. Works against Solaris/SPARC 7/8/9. This is the ret-into-ld.so version of raptor_libdthelp.c, able to bypass the non-executable stack protection (noexec_user_stack=1 in /etc/system).
Author:Marco Ivaldi
Homepage:http://www.0xdeadbeef.info
File Size:9254
Related CVE(s):CAN-2003-0834
Last Modified:Dec 31 21:35:42 2004
MD5 Checksum:be55e3c1fd954ee10f92a9a1376a141e

 ///  File Name: citadel_fsexp.c
Description:
Remote root exploit for Citadel/UX versions 6.27 and below that makes use of a format string vulnerability. Tested against Slackware 10.0.
Author:CoKi
Homepage:http://www.nosystem.com.ar
Related File:nsg-advisory-09.txt
File Size:9135
Last Modified:Dec 12 20:57:44 2004
MD5 Checksum:90c58521cf1c000af9e84004d8bb79b4

 ///  File Name: exploitphpbb.zip
Description:
Perl script exploit extracted from the phpBB worm. This code attempts to deface HTML files found on a target machine and attempts to use Google to find more machines to attack.
File Size:8704
Last Modified:Dec 31 10:56:02 2004
MD5 Checksum:0bebd43e2dea960bfe8e66831ea79d75

 ///  File Name: wget18x.txt
Description:
wget versions 1.8 and below allow for arbitrary overwriting, creating, and appending to files on the underlying system with the permissions of the user executing the binary. The files to be written to can be anywhere regardless of what the end user has requested. The primary flaw is a failure to sanitize redirection data.
Author:Jan Minar
File Size:8366
Last Modified:Dec 12 20:07:01 2004
MD5 Checksum:88a6d3d3f49ea2cb29e920e0c504eaf6

 ///  File Name: raptor_ldpreload.c
Description:
Local root exploit for a stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 that allows local users to gain root privileges via a long LD_PRELOAD environment variable.
Author:Marco Ivaldi
Homepage:http://www.0xdeadbeef.info/
File Size:8202
Related CVE(s):CAN-2003-0609
Last Modified:Dec 31 21:31:47 2004
MD5 Checksum:2bec716e5744a67019345db15bc0bc0d

 ///  File Name: lithsock.zip
Description:
Remote denial of service proof of concept exploit for the Lithtech game engine that is susceptible to a denial of service attack via a logic error when handling UDP packets with zero bytes.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org/
Related File:lithsock.txt
File Size:7789
Last Modified:Dec 30 07:42:42 2004
MD5 Checksum:781945faf97839d745ebc389b81f073a

 ///  File Name: ex_MERCURY2.c
Description:
Universal remote exploit for the buffer overflow vulnerability in Mercury Mail 4.01 (Pegasus) IMAP server. Second version loaded with 14 types of attacks.
Author:John H.
Homepage:http://www.secnetops.com
File Size:7762
Last Modified:Dec 12 01:05:33 2004
MD5 Checksum:9aafca56ed08e82a2d67bf3fdd5546a5

 ///  File Name: bfcboom.zip
Description:
Denial of service exploit for Battlefield 1942 versions 1.6.19 and below and Battlefield Vietnam versions 1.2 and below.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:bfcboom.txt
File Size:7110
Last Modified:Dec 12 19:38:53 2004
MD5 Checksum:0bae9b8ecfb01b57d09c8968c9989cdc

 ///  File Name: firstclass.txt
Description:
OpenText FirstClass version 8.0 httpd /Search remote denial of service exploit that makes use of large requests.
Homepage:http://milw0rm.com/
File Size:6607
Last Modified:Dec 30 08:53:19 2004
MD5 Checksum:4454a8916856db202a09da2b6e930c89

 ///  File Name: secunia.com-advisories-13415.c
Description:
FirstClass v7.1 and 8.0 remote denial of service exploit. More information available here.
Author:Anand Khare
File Size:6581
Last Modified:Dec 19 13:42:44 2004
MD5 Checksum:858b743a7cb04af9ba6387fc6e299484

 ///  File Name: phpbbworm2.tgz
Description:
New version of the phpBB worm that successfully works against a patched phpBB 2.0.11. The scripts in this tarball are the worm itself and the bot that is installed. Found by Herman Sheremetyev.
File Size:6414
Last Modified:Dec 31 23:23:21 2004
MD5 Checksum:3e25607b656731c8902642da039f0697

 ///  File Name: sugarSales.txt
Description:
Multiple vulnerabilities have been found in the open source customer relationship management software SugarSales. These vulnerabilities include full path disclosure, file inclusion, remote command execution, and SQL injection attacks. Versions up to 2.0.1c are susceptible.
Author:Daniel Fabian
File Size:6150
Last Modified:Dec 30 07:28:17 2004
MD5 Checksum:6a238c167b455bb722100e71b4d42187

 ///  File Name: phpGroupWare.txt
Description:
phpGroupWare version 0.9.16.003 is susceptible to full path disclosure, cross site scripting, and SQL injection attacks. Exploitation provided.
Author:James Bercegay
Homepage:http://www.gulftech.org/
File Size:5975
Last Modified:Dec 30 08:54:56 2004
MD5 Checksum:8889f85e8f28423e6ef44a2548455b0c

 ///  File Name: e107.pl.txt
Description:
e107 remote exploit that makes use of an unsanitized include().
Author:sysbug
File Size:5505
Last Modified:Dec 31 20:53:57 2004
MD5 Checksum:85b58f0938dbca16f27c00f26bbca6eb